IP Addressing for APs connected to 4404 controllers?

Is there a pro/con, or best practice, regarding the IP addressing for your APs when having them connected to wireless controllers?

Basically I am trying to decide if the APs should just use the same VLAN and subnet as what the wireless clients will use, or something different?

I know that part of the LWAPP process for finding controllers depends on the AP grabbing a DHCP address, and if you configure the switch port for the AP according to the deployment guide, you are setting the access VLAN to the one your wireless clients will use. So the AP will grab DHCP from the client scope, then broadcast out on that subnet looking for a controller.

So far all seems fine and good, and I know you can change the IP address of the AP if you want once it is homed into the controller. But I simply don't know if there is a best practice regarding this.

Leave the APs' IPs on the same subnet/VLAN as the wireless clients, or move the APs to a new one?

Maybe I am overthinking this, and it really doesn't matter?

I have two controllers at two main locations, each going to support about 15 APs. Same SSID at each location and using PEAP.

Thinking about basically allocating two class Cs, one for each location, for the wireless clients and just doing some reservations from each class C scope for the APs.

Also plan to use L3, not sure if that changes anything.

What would be the negatives of doing things this way? Any suggestions or pros/cons would be appreciated.

DarkFiber

First, you want your APs to obtain a DHCP address from the subnet that wired connections are on. I see no reason to change the IP to an address that is on the subnet you have created for your wireless clients. Keep the wired connections on one subnet, and your wireless clients on another, and don't mix the two (if you're troubleshooting a problem, the IP will tell you if it's a wired device or a wireless one). The only wired connection on your wireless subnet should be the WLC interface for that WLAN. On our network, each wiring closet gets two subnets/VLANs that exist ONLY in that closet. One for phones and the other for everything else. No subnets/VLANs span multiple closets. There are NO exceptions to this rule. (If you move your device from closet A to closet B, you get a different IP address, period.)

There is no reason you should care what the IPs of the APs are. When using a WLC, there is nothing to configure on them or to monitor. After the AP has connected to the WLC, all I do is set the name of the AP using our naming convention and I'm done. Why go through all the hassle of changing switch port configurations and assigning a different IP address when it doesn't buy you anything?

If your APs are on a different subnet than the management IP address of the WLC, you will need to use either DHCP option 43 or DNS to allow the AP to find the controller. I use DNS because it is simpler to implement. I just add a CNAME for the WLC management interface of "cisco-lwapp-controller.pcdomain.mycompany.com" and everything works great, where "pcdomain.mycompany.com" is the domain given out by my DHCP server for the subnet the APs are on. Use DHCP option 43 only if your DHCP server supports it along with DHCP option classes. (When the AP boots up for the first time it does a DNS lookup of "cisco-lwapp-controller".)

If you are using code version 4.0.206.0, be aware that there are issues if the default gateway of any of your WLC interfaces is an HSRP address. The APs will lose connectivity to the WLC every 5 to 10 minutes for 30 seconds to a couple of minutes. There is an engineering fix (4.0.207.0) available, or as a workaround you can use the actual IP address of one of the routers as the gateway address instead of the HSRP address. To get the engineering fix you will have to open a TAC case.

The first rule to follow in networking is the KISS principle (Keep It Simple, Stupid, and yes, "stupid" refers to the person uttering it). If you can do it two ways, do it the simplest way. Simple doesn't mean EASIEST!!!! It's the least complicated way to do what you need to get done. To measure simple, ask yourself these questions: "which is simpler to configure, which is simpler to maintain, which is simpler to support, which is simpler to troubleshoot, which is the simpler topology, which gives you the simplest routing tables, etc." NEVER ask yourself "which one is simpler to implement"!! That leads to shortcuts, which generally come back to bite you in the ass sometime later. Remember that simple doesn't mean easy!

Scott

Thrill5
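
As an added example (not part of the thread or any poster's code): a sketch that builds and audits the DHCP option 43 payload mentioned in the reply above. It assumes the sub-option type 0xf1 TLV layout that Cisco documents for lightweight Aironet APs, which the thread does not spell out, and uses constructed documentation-range controller IPs.

```python
import ipaddress

SUBOPTION_WLC = 0xF1  # assumed: sub-option type lightweight Aironet APs read


def encode_option43(controller_ips):
    """Build the option 43 payload (hex) for a list of WLC management IPs."""
    addrs = [ipaddress.IPv4Address(ip) for ip in controller_ips]
    if not addrs:
        raise ValueError("at least one controller IP is required")
    value = b"".join(a.packed for a in addrs)
    if len(value) > 255:
        raise ValueError("too many controllers for a one-byte length field")
    return (bytes([SUBOPTION_WLC, len(value)]) + value).hex()


def decode_option43(hex_payload):
    """Parse a payload such as 'f104.c000.020a' back into controller IPs."""
    cleaned = hex_payload.replace(".", "").replace(":", "").replace(" ", "")
    raw = bytes.fromhex(cleaned)
    if len(raw) < 2:
        raise ValueError("payload too short for type and length bytes")
    sub_type, length, value = raw[0], raw[1], raw[2:]
    if sub_type != SUBOPTION_WLC:
        raise ValueError(f"unexpected sub-option type 0x{sub_type:02x}")
    if length != len(value) or length == 0 or length % 4:
        raise ValueError("length byte does not match a whole number of IPv4 addresses")
    return [str(ipaddress.IPv4Address(value[i:i + 4])) for i in range(0, length, 4)]


def unexpected_controllers(hex_payload, approved_ips):
    """Return controllers a DHCP scope hands out that are not on the approved list."""
    approved = {str(ipaddress.IPv4Address(ip)) for ip in approved_ips}
    return [ip for ip in decode_option43(hex_payload) if ip not in approved]


def discovery_fqdn(dhcp_domain):
    """Name the AP resolves when DNS discovery is used, per the reply above."""
    return "cisco-lwapp-controller." + dhcp_domain.strip(".")


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    print(encode_option43(["192.0.2.10", "192.0.2.11"]))
    print(unexpected_controllers("f108c000020ac6336407", ["192.0.2.10"]))
    print(discovery_fqdn("pcdomain.mycompany.com"))
```

Running the audit function against each AP scope's configured payload shows whether any scope would point joining APs at a controller you do not manage.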

KISS as quoted: for support purposes, you do not want your infrastructure nodes on DHCP. Set a range of fixed IPs and assign one to each AP/SW/RTR/FW/SRV/PRT. DHCP is for endpoints, i.e. PCs.

peace t0

t0
